On Jan. 6, 2017, the U.S. Director of National Intelligence released
its Intelligence Community Assessment: Assessing Russian Activities
and Intentions in Recent US Elections. Still, questions persist
about Russian involvement. Did the Russian government direct the group
responsible for the breaches and related data leaks? If so, is this
simply a matter of accepted state espionage, or did it cross a line?
Was the breach at the Democratic National Committee part of a
concerted effort by the Russian government to interfere with the U.S.
The most consequential question remains unasked: How will Russia
continue to employ a variety of methods – including hacks and leaks –
to undermine the institutions, policies and actors that the Russian
government perceives as constricting and condemning its forceful
pursuit of its state aims?
FireEye’s visibility into the operations of APT28 – a group we
believe the Russian government sponsors – has given us insight into
some of the government’s targets, as well as its objectives and the
activities designed to further them.
We have tracked and profiled this group through multiple
investigations, endpoint and network detections, and continuous
monitoring. Our visibility into APT28’s operations, which date to at
least 2007, has allowed us to understand the group’s malware,
operational changes and motivations. This intelligence has been
critical to protecting and informing our clients, exposing this threat
and strengthening our confidence in attributing APT28 to the Russian government.
Our latest report, APT28: At the Center of the Storm, is available here.
You can also register for our webinar on Feb. 21, 2017, at 8
a.m. PT/11 a.m. ET/4 p.m. GMT (UK), which will feature additional
insights from Jonathan Wrolstad, Senior Threat Intelligence Analyst
with FireEye, and Robert Morgus, Policy Analyst with New America’s
This is a Security Bloggers Network syndicated blog post authored by Nick Harbour. Read the original post at: Threat Research Blog